Agnitum: Microsoft Kernel Patch Protection Endangers Security Vendors

["Fergie" <fergdawg () netzero net>]

Thanks to Alex over at Sunbelt.

[snip]

Interesting post by the ubercoders at Agnitum on Kernel Patch
Protection (a new security feature introduced by Microsoft for 64–bit
systems):

New security measures introduced by Microsoft under the name "Kernel
Patch Protection" are being presented to the world as bringing a new
level of security to users. This security will be provided by a
combination of Microsoft security software and Windows operating system
kernel design.

Agnitum security experts have analyzed these new measures, and it is
their informed opinion that these measures will actually cause more
harm than good, for two primary reasons:

* It will be more complicated for third-party security software
companies to install and maintain their software on Windows PCs. In
some circumstances, kernel patch protection may even block the
installation of third-party security software.
* It will be easier for hackers to share and use this new technology
than for legitimate software developers.

[snip]

Link:
http://sunbeltblog.blogspot.com/2006/07/agnitum-says-microsoft-kernel-patch.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.